Skip to content

Tighten posture self-check honesty#29

Merged
SSBrouhard merged 1 commit into
mainfrom
codex/posture-honesty-fixes
Jun 10, 2026
Merged

Tighten posture self-check honesty#29
SSBrouhard merged 1 commit into
mainfrom
codex/posture-honesty-fixes

Conversation

@SSBrouhard

@SSBrouhard SSBrouhard commented Jun 10, 2026

Copy link
Copy Markdown
Owner

Summary

  • make path-isolation checks UNKNOWN unless the operator explicitly supplies agent-readable roots with --agent-root
  • require explicit no-direct-bypass attestation plus evidence reference before direct_gmail_bypass can PASS
  • keep hard_enforcement_ready reachable only when every check passes, including attested bypass closure
  • document the self-check boundary in README and deployment runbook

Validation

  • .venv/bin/python -m pytest -q
  • .venv/bin/python -m compileall src tests scripts integrations
  • .venv/bin/python scripts/vmga_release_check.py
  • npm test && npm run plugin:validate (integrations/openclaw)
  • manual local posture smoke without --agent-root shows path checks as UNKNOWN

@SSBrouhard SSBrouhard merged commit 5d13547 into main Jun 10, 2026
5 checks passed
@SSBrouhard SSBrouhard deleted the codex/posture-honesty-fixes branch June 10, 2026 10:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SSBrouhard